Static Application Security Testing (SAST) is a technique that statically analyzes program source code to detect problems within the source code. That is, SAST performs such analysis without actually executing (running) the source code. In some examples, problems within the source code can compromise the security of a computer program. Such problems can be caused by unchecked (un-validated) data-flows from a sink, e.g., input from a user, to a source, e.g., access to a database.